Public key cryptography is a widely used approach for securely transmitting messages over an otherwise unsecured communications channel. Public-key cryptography employs asymmetric key pairs. An "asymmetric" cryptographic key pair consists of two separate keys, a first key to manipulate data in one way and a second key to convert the manipulated data back to its original form. The keys are based upon a mathematical relationship in which one key cannot be calculated (at least in any reasonable amount of time) from the other key.
Cryptographic key pairs can be used for different functions, such as encryption, decryption, digital signing, signature verification, and authentication. As an example, encryption and decryption using an asymmetric key pair can be represented as follows:
E.sub.Kpub (M)=C PA1 D.sub.Kpri (C)=M PA1 RSA Encryption: C=M.sup.e mod n PA1 RSA Decryption: M=C.sup.1/e mod(p.sbsp.1.sup.-1)(p.sbsp.2.sup.-1) mod n PA1 x=g.sup.R mod n, where:
where "E.sub.Kpub " is an encryption function using a public encryption key "Kpub" to encrypt a plaintext message "M" into ciphertext "C", and "D.sub.Kpri " is a decryption function using a private decryption key "Kpri". The inverse is also true in that a message can be "signed" using the private key and the signature can be verified using the public key.
In a public key system, the public key is distributed to other parties and the private key is maintained in confidence. The asymmetric public and private keys ensure two results. First, only the holder of the private key can decrypt a message that is encrypted with the corresponding public key. Second, if another party decrypts a message using the public key, that party can be assured that the message was encrypted by the private key and thus originated with presumably the holder of the private key.
One of the best known and most widely used asymmetric ciphers is the RSA cryptographic cipher named for its creators Rivest, Shamir, and Adleman. The original RSA cryptography system is described in U.S. Pat. No. 4,405,829, entitled "Cryptographic Communications System and Method", which issued Sep. 20, 1983, in the names of Rivest, Shamir, and Adleman. This patent is incorporated by reference as background information.
The RSA cipher for encryption and decryption is given as follows:
where p.sub.1 and p.sub.2 are prime numbers, n is a composite number of the form n=p.sub.1 p.sub.2, and e is a number relatively prime to (p.sub.1 -1)(p.sub.2 -1).
The operation "mod" is a "modular reduction" operation, or simply "modulo" operation, which is a common operation for large integer arithmetic. The modulo operation is an arithmetic operation whose result is the remainder of a division operation. It is expressed as "A mod B," where A is a number written in some base and B is the "modulus." The result of A mod B is the remainder of the number A divided by the modulus B. As a simple example, the modulo operation 17 mod 3 yields a result of 2, because 17 divided by 3 yields a remainder of 2. Because it produces a remainder, the modulo operation is often alternately referred to as the "division remainder" operation.
With the conventional RSA cryptography, decryption is significantly slower than encryption. This discrepancy is due to the fact that the RSA cipher requires more computations to decrypt a message than are needed to encrypt the same message. The discrepancy can be disadvantageous in certain environments. For example, in the client server context, clients and servers often exchange encrypted messages to one another. Individual clients often enjoy plentiful time and resources to encrypt a message. Unfortunately, the server does not experience such luxury and may on occasions be limited in its ability to rapidly decrypt incoming messages, especially during times of high client request volume.
Accordingly, there is a need to improve the speed of the decryption in the RSA algorithm.